WN11-00-000100 - Internet Information System (IIS) or its subcomponents must not be installed on a workstation.

Information

IIS is not installed by default. Installation of Internet Information System (IIS) may allow unauthorized internet services to be hosted. Websites must only be hosted on servers that have been designed for that purpose and can be adequately secured.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Uninstall 'Internet Information Services' or 'Internet Information Services Hostable Web Core' from the system.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_11_V2R2_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7a., CAT|I, CCI|CCI-000381, Rule-ID|SV-253275r958478_rule, STIG-ID|WN11-00-000100, Vuln-ID|V-253275

Plugin: Windows

Control ID: bfe065a73dd34ef666e0cb322cd24f4fb1030f41508532142b7dc89664b4510e